The N.S.A.-Verizon Scandal

On Wednesday night, Glenn Greenwald, of the Guardian, posted a classified order from the secretive Foreign Intelligence Surveillance Court that everyone should read. It directs a Verizon division, Verizon Business Network Services, to turn over “on an ongoing daily basis” the “following tangible things”:

All call detail records or “telephony metadata” created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls.

This would give the National Security Agency millions of phone records. That metadata doesn’t tell the government what was said, but gives it “comprehensive communications routing information,” such as the phone numbers at both ends of the call, equipment codes, the time of the call, and how long it lasted. You can tell a great deal from all that.

Judge Roger Vinson signed the document, which also instructs Verizon not to tell anyone. The order raises some obvious questions, the largest being whether, judge or no judge, this looks like an outrageous breach of the privacy and rights of American citizens. The answer to that question is yes.

The government seems to have a list of all the people that Verizon customers called and who called them; how long they spoke; and, perhaps—depending on how precise the cell-phone-tower information in the metadata is, where they were on a given day. All phone records—for any of the company’s customers, not just, say, A.P. reporters that the government thought were involved in the leaking of national-security information, though that would be bad enough—are on the table. And the customers of other providers shouldn’t be reassured: it is likely that this order is simply one of a type—the one that fell off the truck. Whatever complaints their customers may have, there is no reason to think that choosing Verizon is a tell-tale sign of one’s foreign-intelligence value.

Either the government, in the interest of looking for a couple of particular Verizon customers, decided to vacuum up the records of what could be millions of them; or there are similar orders out there for other providers. Neither is a good option.

There is also nothing in the order telling the government to destroy the records after a certain amount of time. Nor do there appear to be provisions limiting who can see the data. How will that information not be a permanent temptation to overreaching investigators? (Beyond privacy rights, the location data has implications for freedom of assembly.)

The order covers the period from April 25th to July 19th of this year. That’s three months, a calendar increment that suggests it might be renewed regularly. An “expert in this aspect of the law” that the Washington Post spoke to said that the order appeared to be the descendant of one from 2006, “reissued routinely every 90 days and that it is not related to any particular investigation by the F.B.I. or any other agency.” The USA Today reported back then that something like this was going on, but the scale, legal sleight of hand, and its endurance under the Obama Administration are a surprise.

How, one might ask, is this possibly legal? The answer involves an interaction of FISA and the Patriot Act. FISA’s purpose is to allow the government to investigate foreign threats in a way that harms the privacy of Americans as little as possible. If the government wants access to an American citizen’s phone number because it thinks that person might be communicating with someone from Al Qaeda, and wants the warrant to be secret, it goes to FISA, which almost never turns it down.

This isn’t exactly a warrant; it’s an order to turn over “tangible things”; it refers to the Patriot Act, whose Section 215 allows the government to ask for “business records” that are “relevant” to an investigation, and that is what the government has decided to call these communication records. (Despite referring to these as “business,” the order says that the government doesn’t need “financial information.”) The sophistry lies in pretending that “metadata” is just about the transaction with Verizon—the business—rather than about the privacy of the callers.

Does the government believe that the possibility that someone, somewhere, is calling a terrorist makes the entire body of phone calls relevant? If the answer is yes—and I don’t think it is—then there is something very wrong with the law.

Should we have known this was going on? Last year, Senators Ron Wyden and Mark Udall wrote to Attorney General Holder about their concerns, based on classified briefings, about what they called “the controversial ‘business records’ provision” of the Patriot Act: “We believe most Americans would be stunned to learn how these secret court opinions have interpreted Section 215.” They raise serious questions about how honest the Administration has been in describing this program, and make what may be the crucial point:

As we see it, there is now a significant gap between what most Americans think the law allows and what the government secretly claims the law allows. This is a problem, because it is impossible to have an informed public debate about what the law should say when the public doesn’t know what its government thinks the law says….

To put it another way, Americans know that their government will sometimes conduct secret operations, but they don’t think that government officials should be writing secret law.

The problem, then, is not just secrecy, but meta-secrecy. The government let the public think that certain words mean one thing, while operating on the idea that they mean another.

Apart from Wyden and Udall, Congress was not nearly present enough. Nor were the courts: the FISA judges need to reëxamine their mandate. (This is where whistleblowers and investigative reporting come in.) And President Obama has to examine the question of what he can and can’t ascribe to the Bush Administration.

The Administration has, so far, let an official, who insisted on anonymity, speak for it. The official didn’t deny the report, but instead made four points: that this wasn’t about listening to actual voices; that it believed that knowing whom Americans were calling was “a critical tool in protecting the nation”; that “all three branches” knew; and that “there is a robust legal regime in place governing all activities conducted pursuant to the Foreign Intelligence Surveillance Act.” That this is the defense does not make the story better; it makes it worse. It indicates that the assumptions here are systematic; Senator Dianne Feinstein came out and joined in them. Wyden and Udall are right: this is a sort of moment that requires a public debate—a political response—not just a gentle judicial reminder.

The unnamed official didn’t say whether there would be a leak investigation, or whose private records might be seized for that.

When it comes to the Obama Administration’s commitment to the law, the useful question is not whether he is just like Bush. He is different from Bush, but that’s not enough. In the Bush Administration, there was a sense that something implied and sweeping—the duty of the Commander-in-Chief to keep us safe—made the fine print irrelevant. The Obama Administration, in contrast, seems almost seduced by the possibilities of legal language. Awe for the law is replaced by wonder at what its words can create or allow, and with tricks of mutable vocabulary. One saw that, for example, in the use of the word “imminent threat” in the Justice Department’s white paper on the targeted killing of Americans abroad. The word “imminent” might as well not have been there, for all the restraints it imposed. In the case of the phone records, one wonders what “relevant” means, and what is being investigated. The short answers, from the government’s perspective, seem to be anything and everything. Both approaches, ultimately, efface the meaning of the law.